Lucene search
GoogleOSV:CVE-2020-20508HistorySep 24, 2021 - 10:15 p.m.
CVE-2020-20508
2021-09-2422:15:08
Google
osv.dev
3
shopkit
xss vulnerability
registration component
e-mail text field
user credentials hijack
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
References
Related
cnvd
cnvd
Shopkit Cross-Site Scripting Vulnerability
2021-09-27 00:00:00
cvelist
cvelist
CVE-2020-20508
2021-09-24 21:27:34
cve
cve
CVE-2020-20508
2021-09-24 22:15:08
prion
prion
Cross site scripting
2021-09-24 22:15:00
nvd
nvd
CVE-2020-20508
2021-09-24 22:15:08